Bluepurple Pulse: week ending May 28th
Tags
Common Information
| Type | Value |
|---|---|
| UUID | bdbf97ed-7ad4-4bc2-93cb-6db47c8fe6ee |
| Fingerprint | b5819d998c2186c9 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 26, 2023, midnight |
| Added to db | June 5, 2023, 2:37 p.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Cyber Defence Analysis for Blue & Purple Teams |
| Title | Bluepurple Pulse: week ending May 28th |
| Detected Hints/Tags/Attributes | 278/4/81 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 76 | ✔ | Cyber Defence Analysis for Blue & Purple Teams | https://bluepurple.binaryfirefly.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CERT Ukraine | 12 | UAC-0063 |
|
| Details | CVE | 64 | cve-2023-28771 |
|
| Details | CVE | 8 | cve-2023-24905 |
|
| Details | CVE | 22 | cve-2023-32784 |
|
| Details | CVE | 117 | cve-2023-2868 |
|
| Details | Domain | 3 | xorl.wordpress.com |
|
| Details | Domain | 83 | cert.gov.ua |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 101 | cert.pl |
|
| Details | Domain | 124 | www.sentinelone.com |
|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | Domain | 22 | www.genians.co.kr |
|
| Details | Domain | 57 | www.clearskysec.com |
|
| Details | Domain | 144 | www.fortinet.com |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 110 | exploit.in |
|
| Details | Domain | 31 | www.esentire.com |
|
| Details | Domain | 74 | thedfirreport.com |
|
| Details | Domain | 546 | www.recordedfuture.com |
|
| Details | Domain | 261 | blog.talosintelligence.com |
|
| Details | Domain | 23 | permiso.io |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 768 | www.youtube.com |
|
| Details | Domain | 4 | embee-research.ghost.io |
|
| Details | Domain | 14 | attackerkb.com |
|
| Details | Domain | 154 | arxiv.org |
|
| Details | Domain | 113 | www.usenix.org |
|
| Details | Domain | 1 | rez0.blog |
|
| Details | Domain | 2 | www.forensicxlab.com |
|
| Details | Domain | 2 | mrd0x.com |
|
| Details | Domain | 5 | status.barracuda.com |
|
| Details | Domain | 12 | binaryfirefly.com |
|
| Details | 12 | hello@binaryfirefly.com |
||
| Details | File | 99 | cert.pl |
|
| Details | File | 3 | applvsubsystem64.dll |
|
| Details | File | 128 | w3wp.exe |
|
| Details | File | 4 | threat_intelligence_report_apt37.pdf |
|
| Details | File | 8 | wintapix.sys |
|
| Details | File | 2 | srvnet2.sys |
|
| Details | File | 1 | sec23fall-prepub-261-xia-qi.pdf |
|
| Details | File | 1 | prompt-injection-poc.html |
|
| Details | Github username | 4 | jaredcatkinson |
|
| Details | Github username | 1 | connormcgarr |
|
| Details | Github username | 1 | 0xthiebaut |
|
| Details | Github username | 1 | boringthegod |
|
| Details | Github username | 2 | vdohney |
|
| Details | Threat Actor Identifier - APT-C | 15 | APT-C-28 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Threat Actor Identifier - APT | 277 | APT37 |
|
| Details | Url | 1 | https://xorl.wordpress.com/2021/04/16/russias-cyber-operations-groups |
|
| Details | Url | 2 | https://cert.gov.ua/article/4697016 |
|
| Details | Url | 6 | https://securelist.com/goldenjackal-apt-group/109677 |
|
| Details | Url | 5 | https://www.sentinelone.com/labs/kimsuky-ongoing-campaign-using-tailored-reconnaissance-toolkit |
|
| Details | Url | 5 | https://asec.ahnlab.com/en/53132 |
|
| Details | Url | 3 | https://asec.ahnlab.com/ko/52829 |
|
| Details | Url | 3 | https://www.genians.co.kr/blog/threat_intelligence_report_apt37 |
|
| Details | Url | 2 | https://www.genians.co.kr/hubfs/blogfile/threat_intelligence_report_apt37.pdf |
|
| Details | Url | 2 | https://www.clearskysec.com/fata-morgana |
|
| Details | Url | 2 | https://www.fortinet.com/blog/threat-research/operation-total-exchange-backdoor-discovered |
|
| Details | Url | 2 | https://www.fortinet.com/blog/threat-research/wintapix-kernal-driver-middle-east-countries |
|
| Details | Url | 4 | https://securelist.com/cloudwizard-apt/109722 |
|
| Details | Url | 3 | https://www.mandiant.com/resources/blog/cosmicenergy-ot-malware-russian-response |
|
| Details | Url | 1 | https://www.esentire.com/web-native-pages/the-hunt-for-venom-spider-part-2 |
|
| Details | Url | 2 | https://thedfirreport.com/2023/05/22/icedid-macro-ends-in-nokoyawa-ransomware |
|
| Details | Url | 1 | https://www.recordedfuture.com/i-have-no-mouth-and-i-must-do-crime |
|
| Details | Url | 1 | https://blog.talosintelligence.com/mercenary-intellexa-predator |
|
| Details | Url | 1 | https://permiso.io/blog/s/watering-hole-attack-targets-aws-users |
|
| Details | Url | 1 | https://github.com/jaredcatkinson/malwaremorphology |
|
| Details | Url | 1 | https://www.youtube.com/live/ktaeujdbw3s?feature=share |
|
| Details | Url | 1 | https://embee-research.ghost.io/amadey-bot-infrastructure |
|
| Details | Url | 1 | https://github.com/connormcgarr/eatguard |
|
| Details | Url | 1 | https://github.com/0xthiebaut/pcapeek |
|
| Details | Url | 1 | https://attackerkb.com/topics/n3i8dxpfks/cve-2023-28771/rapid7-analysis |
|
| Details | Url | 1 | https://arxiv.org/abs/2305.10791 |
|
| Details | Url | 1 | https://www.usenix.org/system/files/sec23fall-prepub-261-xia-qi.pdf |
|
| Details | Url | 1 | https://rez0.blog/hacking/2023/05/19/prompt-injection-poc.html |
|
| Details | Url | 1 | https://www.forensicxlab.com/posts/keepass |
|
| Details | Url | 1 | https://github.com/boringthegod/postmaniac |
|
| Details | Url | 1 | https://mrd0x.com/file-archiver-in-the-browser |
|
| Details | Url | 1 | https://github.com/vdohney/keepass-password-dumper |
|
| Details | Url | 3 | https://status.barracuda.com/incidents/34kx82j5n4q9 |